this is a unsign saml response xml, the value need be change every submit was replaced by {time1} or {guid1}.before sign the xml, those value will be update. otherwise it will not pass the Saml validation.If you got "Assertion was replayed" error. that because the time is not correct or AssertionId already be used.

After the Saml Xml build and signed, there is one more thing need change,the RSA Saml Relay part only take the signature before the issuer, but the DotNet sign the xml and insert as the last Child, so we need additional code to make it work: